Approximately 500 NIST staffers, including at least three lab directors, are expected to lose their jobs at the standards agency as part of the ongoing DOGE purge, sources tell WIRED.

Sweeping layoffs architected by the Trump administration and the so-called Department of Government Efficiency may be coming as soon as this week at the National Institute of Standards and Technology (NIST), a non-regulatory agency responsible for establishing benchmarks that ensure everything from beauty products to quantum computers are safe and reliable.

According to several current and former employees at NIST, the agency has been bracing for cuts since President Donald Trump took office last month and ordered billionaire Elon Musk and DOGE to slash spending across the federal government. The fears were heightened last week when some NIST workers witnessed a handful of people they believed to be associated with DOGE inside Building 225, which houses the NIST Information Technology Laboratory at the agency’s Gaithersburg, Maryland campus, according to multiple people briefed on the sightings. The DOGE staff were seeking access to NIST’s IT systems, one of the people said.

Soon after the purported visit, NIST leadership told employees that DOGE staffers were not currently on campus, but that office space and technology were being provisioned for them, according to the same people.

On Wednesday, Axios and Bloomberg reported that NIST had begun informing some employees that they could soon be laid off. About 500 recent hires who are still in probationary status and can be let go more easily were among those expected to be affected, according to the reports. Three sources tell WIRED that the cuts likely impact lauded technical experts in leadership positions, including three lab directors who were promoted within the last year. One person familiar with the agency tells WIRED that the official layoff notices may come Friday.

The White House and a spokesperson for NIST, which is part of the Department of Commerce, did not yet return requests for comment.

One NIST team that has been fearing cuts because of its number of probationary employees is the US AI Safety Institute (AISI), which was created after former President Joe Biden’s sweeping executive order on AI issued in October 2023. Trump rescinded the order shortly after taking office last month, describing it as a “barrier to American leadership in artificial intelligence.”

The AI Safety Institute and its roughly two dozen staffers has been working closely with AI companies, including rivals to Musk’s startup xAI like OpenAI and Anthropic, to understand and test the capabilities of their most powerful models. Musk was an early investor in OpenAI and is currently suing the startup over its decision to transition from a non-profit to a for-profit corporation.

AISI’s inaugural director, Elizabeth Kelly, announced she was leaving her role earlier this month. Several other high-profile NIST leaders working on AI have also departed in recent weeks, including Reva Schwartz, who led NIST’s Assessing Risks and Impacts of AI program, and Elham Tabassi, NIST’s chief AI advisor. Kelly and Schwartz declined to comment. Tabassi did not respond to a request for comment.

US Vice President JD Vance recently signaled the new administration’s intent to deprioritize AI safety at the AI Action Summit, a major international meeting held in Paris last week that AISI and other government staffers were not invited to attend, according to three familiar with the matter. “I'm not here this morning to talk about AI safety,” Vance said in his first major speech as VP. “I'm here to talk about AI opportunity.”

Though they receive bipartisan support, the AI Safety Institute and other parts of NIST had been preparing for the Trump administration to set new priorities for their work. In anticipation, some NIST teams began moving to deprioritize efforts such as fighting misinformation and racial bias in AI systems, according to two people familiar with the projects. Two other people say that putting even more public emphasis on national security was welcomed among some staffers, since the institute has already engaged in related research efforts.

Overall, the AI Safety Institute has been pressing ahead with working groups and other efforts focused on developing guidelines for studying AI systems. Last week, the startup Scale AI announced it had been selected by the institute as its “first approved third-party evaluator authorized to conduct AI model assessments.” Michael Kratsios, Trump’s pick to direct the White House Office of Science and Technology Policy, was until recently Scale’s managing director.

The feared layoffs at NIST have drawn strong rebuke from civil society groups, such as the Center for AI Policy, and congressional Democrats. NIST’s 2024 budget was about $1.5 billion, approximately .02 percent of federal spending overall, making it perhaps an unlikely target for Musk’s DOGE project. DOGE staffers have dropped into several government agencies this month, gaining access to sensitive systems, promoting the use of AI to boost productivity, and seeding a trail of resignations among long-time government workers. DOGE’s specific goals at NIST couldn’t be immediately learned.

US Representative Jake Auchincloss, a Democrat who serves on the House energy and commerce committee, says any efforts by DOGE to trim NIST rather than focusing instead on parts of government that account for far more spending, such as Department of Defense contracts, amounts to “scrounging for pennies in front of a bank vault.” He called NIST an agency with high returns on investment and warned that hobbling it would be self-defeating for the US. “Imparing NIST’s function is going to harm business productivity and increase costs,” Auchincloss says.

Staff for Democrats on the US House of Representatives Committee on Science, Space, and Technology say they are concerned about the potential for significant economic harm from any cuts to NIST. The agency’s timekeeping is used by stock markets and its research on buildings and pipelines help keep infrastructure intact. DOGE “might throw out things that are crucial to the functioning of the economy,” says one of the Democratic staffers, who all spoke on the condition of anonymity.

Budget cuts at other agencies could also have ripple effects at NIST because they help fund some of its projects, including studies on the accuracy of facial recognition systems and a database of cybersecurity vulnerabilities. “We’re worried about staffing, funding at every research agency in the federal government,” says the science committee staffer.

Earlier this month, California representative Zoe Lofgren, the top Democrat on the Republican-controlled House science committee, and her colleagues sent letters to the heads of several agencies including NIST and National Aeronautics and Space Administration demanding transparency about DOGE activities.

“While NIST does not conduct classified research, its cutting edge work in topics such as AI, quantum sensors and clocks, and semiconductors are world-class, and improper exfiltration to non-secure servers would be a boon for our adversaries,” stated the letter last week to NIST Acting Director Craig Burkhardt. It demanded a response from him by February 18; as of February 19, there had been none, according to Lofgren’s office.

The letter also raised concern about Musk’s potential conflicts of interest at NIST, given the intimate dealings between the AI Safety Institute and his competitors. Representative Auchincloss, who has studied NIST’s biology projects, expressed concern about Musk potentially gaining an unfair advantage and compromising safety by influencing standards that affect his Neuralink brain implant venture.

NIST was originally created in 1901 to help the US science and engineering industries establish scientific norms in areas like measurement. In coordination with the US Naval Observatory, the agency is also responsible for building and maintaining the country’s most accurate atomic clocks. Overall, NIST currently employs about 3,400 scientists, engineers, and technicians, according to its website.

Project 2025, an informal plan for the Trump administration crafted by the Heritage Foundation, an influential right-leaning think tank, called for consolidating the research work currently spread across NIST and other agencies and ensuring that it “serves the national interest in a concrete way in line with conservative principles.”

_Additional reporting by Andrew Couts, Kate Knibbs, and Louise Matsakis._

The National Institute of Standards and Technology Braces for Mass Firings

Google enables marketers to target people with serious illnesses and crushing debt—against its policies—as well as the makers of classified defense technology, a WIRED investigation has found.

A WIRED investigation into the inner workings of Google’s advertising ecosystem reveals that a wealth of sensitive information on Americans is being openly served up to some of the world’s largest brands despite the company’s own rules against it. Experts say that when combined with other data, this information could be used to identify and target specific individuals.

Display & Video 360 (DV360), one of the dominant marketing platforms offered by the search giant, is offering companies globally the option of targeting devices in the United States based on lists of internet users believed to suffer from chronic illnesses and financial distress, among other categories of personal data that are ostensibly banned under Google’s public policies.

Other lists of American users accessible for a price across the platform raise serious national security concerns, experts say, as they reveal data brokers striving to isolate millions of mobile devices carried by government workers—from US judges and military service members to executive agency staff and employees on Capitol Hill.

First reviewed by WIRED, an internal spreadsheet obtained from a US-based data broker shows the DV360 platform currently hosting hundreds if not thousands of restricted or otherwise sensitive “audience segments,” each containing a large tranche of data that points to countless mobile devices and online profiles of people in the US. The segments are generated not by Google, but by DV360 customers who upload them to the system, where others can use them to target ads at specific audiences.

The data—first obtained by the Irish Council for Civil Liberties (ICCL), Ireland's oldest independent human rights body—reveals segments targeting hundreds of millions of device users based exclusively on health conditions, from chronic pain and menopause to, among others, fibromyalgia, psoriasis, arthritis, high cholesterol, and hypertension.

“As with other demand-side platforms, advertisers are able to upload audience lists to Display & Video 360, based either on their own first-party data or from segment providers,” says Erica Walsh, a Google spokesperson. “Our policies do not permit audience segments to be used based on sensitive information like employment, health conditions, financial status, etc.”

Despite this, numerous segments contained in the data are clearly targeted at households and businesses based purely on data suggesting they’re experiencing financial hardship—aiming, for instance, to help advertisers identify people who are in the process of bankruptcy or burdened by long-term debt.

Allison Bodack, another Google spokesperson, tells WIRED that when the company detects “non-compliant audience segments, we will take action.” Asked to explain why Google had not detected segments with descriptions such as “Individuals likely to have a Cardiovascular condition,” or “Parents of children likely to have a respiratory disease, like Asthma,” Bodack did not respond.

Segments accessible through DV360 that target Americans with asthma contain at least hundreds of millions of mobile IDs—among them, a list simply titled, “People who have asthma.” Hundreds of millions more were found on lists for no other reason than the fact that their users are believed to have diabetes. A vast number of devices and user profiles are spread out across lists that target users determined likely to need specific medications, including some controlled substances, such as Ambien. One list links more than 140 million mobile IDs to opioid usage, suggesting the users need relief from a common "opioid-induced" side effect.

Google did not respond when asked whether a data broker had violated its rules by offering advertisers access to a list of people “likely to have an Endocrine disorder.” (The company only stated that its policies “do not permit” such segments “to be used.”) Asked to explain whether it assigns any level of risk to audience segments that target US government employees working in national security jobs, or contractors with access to restricted US defense-related technologies, Google’s spokespeople did not respond.

Among a list of 33,000 audience segments obtained by the ICCL, WIRED identified several that aimed to identify people working sensitive government jobs. One, for instance, targets US government employees who are considered “decision makers” working “specifically in the field of national security.” Another targets individuals who work at companies registered with the State Department to manufacture and export defense-related technologies, from missiles and space launch vehicles to cryptographic systems that house classified military and intelligence data.

Sources with firsthand knowledge of Google’s platform, granted condition of anonymity to protect against retaliation on the job, confirmed the segments were actually accessible to Google’s ad buyers. Unlike Google Ads, which is free and typically used by individuals and small businesses, DV360 is a paid platform primarily aimed at companies that spend over $50,000 in ad buys per month. Google’s DV360 partners include the likes of Disney and NBCUniversal.

“This is exactly the kind of seemingly obscure data that would pique a foreign adversary's interest,” says Justin Sherman, CEO of Global Cyber Strategies, and author of the upcoming book _Navigating Technology and National Security_. “It’s not necessarily held in every dataset, but it speaks to a medical condition, it speaks to use of a powerful drug, and it speaks to something that could potentially be exploited in an intelligence context.”

Over the last decade or so, online advertising has evolved to include technologies capable of “micro-targeting” individuals based on surveillance data gathered from a wide variety of sources. Users are grouped into “segments” by data brokers who aim to isolate individuals with the help of unique mobile identifiers—alphanumeric strings that are assigned to mobile devices and are widely shared across the advertising ecosystem. These mobile IDs are employed to not only track a user’s movements but their online habits, including which apps they use, and are regularly combined with “cookies” that track web browsing behavior and purchasing information.

While the purpose of mobile IDs and other ad-based identifiers is, ostensibly, to help shield users’ identities, it is no secret that when combined with other datasets, it can become trivial to re-identify people whose information has been “anonymized.”

A government report declassified by the US Office of National Intelligence in June 2023 notes that commercial data may be combined to “reverse engineer identities or deanonymize various forms of information.” Advisers to the nation’s top spy at the time, Avril Haines, added in the report: “In the wrong hands, sensitive insights gained through \[commercially available information\] could facilitate blackmail, stalking, harassment, and public shaming.”

Demonstrating the point, many data brokers that exist on the periphery of Google’s advertising exchange work to assist marketers by crafting complex dossiers on individual consumers, “enriching” anonymized profiles with information drawn from a range of public and government sources. Frequently this includes credit card transactions, social media posts, bankruptcy filings, vehicle registration records, employment records, and hoards of web tracking data quietly amassed from websites, apps, and IoT devices.

With such access, data brokers aim to craft customized lists of potential targets, such as people who have “careers in the armed forces” and enjoy “gambling in general,” or those who are an “active conservative voter” likely to “participate in a civil protest,” according to the ICCL-provided data.

The manner in which the data was originally acquired by the ICCL provides a quintessential example of the ease with which rival foreign intelligence agencies can gain access to Americans’ data with minimal effort. Johnny Ryan, director of Enforce, ICCL’s investigative branch, says he was surprised by how easy the access came. “I was prepared for a complex process that would test my cover story,” he says, “but when I signed up there was no questions asked whatsoever.”

To gain access to the data broker’s segments, Ryan created a website for a fake “data analytics” firm. The “company” isn’t registered anywhere officially, but exists solely as a handful of web pages. On them, Ryan placed an image of a Russian soldier, apparently in the midst of combat, alongside a map of Ukraine. The firm’s work is vaguely described as helping “select clients” obtain “real-time” awareness of “targets” in the field. Ryan used this implausible cover while approaching data brokers based in the US.

“I could have been anybody,” he says.

To protect the integrity of ongoing research, WIRED agreed to delay identifying any data brokers being monitored by the ICCL.

Ryan’s research into ad-tech abuse informed a Federal Trade Commission lawsuit brought in 2024 against Mobilewalla, a data broker that, the FTC claims, widely offered access to segments used “specifically” to target “pregnant women and young mothers,” while also selling mobile IDs that tracked people visiting medical facilities and domestic abuse shelters. (Similarly, WIRED identified segments in the ICCL’s data that linked millions of mobile devices to expectant mothers, as well as more than 140 lists that referenced a “propensity” for “disease.” Fifty-one million mobile IDs belong to a segment aimed specifically at women likely to lack preventive care.)

According to the FTC government complaint, Mobilewalla collected more than 183 million mobile IDs in 2021 alone. Between 2018 and 2020, the company sourced roughly 60 percent of its data directly from real-time bidding (RTB) exchanges, marketplaces where advertisers compete for online ad space in lightning-fast auctions.

A complaint filed by Enforce and the Electronic Privacy Information Center (EPIC) last month urges the FTC to launch an investigation into whether Google’s RTB tools have allowed sensitive data to be made available to foreign adversaries—information that Ryan, along with other experts, says includes vast troves of personal data tied to “active military, intelligence personnel, and key leaders.”

Many of the conditions, behaviors, and traits reflected in the data, such as a likelihood of financial debt, propensity for high alcohol use, and certain medical conditions, are criteria that can adversely affect a federal employee’s eligibility to access classified information—illustrating the potential of its use for blackmail purposes.

EPIC and Enforce allege that Google both “directly” and “indirectly” provides foreign adversaries, including China, with “extraordinarily sensitive” commercial data concerning “America’s leaders and sensitive defense personnel,” while pointing the finger at Google as the predominant commercial entity behind a vast and widely ignored “national security crisis.”

“Google’s purported self-regulation cannot protect us,” says EPIC senior counsel Sara Geoghegan, whose complaint points to restrictions on data broker deals cemented last year under a new federal law, the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA). According to Geoghegan, Google’s advertising tools pose a unique national threat, one that Congress has specifically charged the FTC with eliminating.

Google’s spokesperson Erica Walsh denies any wrongdoing on the part of the company, saying that, for instance, while Google’s ad exchanges continue to accept business from Chinese companies, it has long since ceased sharing data with Russian entities. Last year, she says, Google introduced a new system designed to identify companies with ties to China in order to restrict the types of information they receive about US consumers. “This means we never share data tied to a specific user in the US for bid requests to those known entities,” she says.

While the FTC has yet to introduce any cases based on PADFAA—and also declined to comment for this story—the law notably extends far beyond data that is merely “tied to a specific user.” Google and other US companies are now forbidden under law from providing companies with ties to hostile nations with any information that, no matter how anonymized, can be tied back to a specific user when combined “with other data.”

China is reported to have the world’s largest security and intelligence apparatus, employing a veritable army of hackers that have spent decades infiltrating US corporations and agencies to steal data, most recently compromising at least 11 of the nation’s telecommunications networks.

“It would be a joke for the Chinese government to link a mobile ad ID to a person's name,” says Sherman of Global Cyber Strategies.

Walsh notes that under Google’s new rules, mobile IDs are automatically stripped from RTB data served to Chinese entities. Along with other identifiers, Google also redacts the location data of devices being served the ads, limiting what Chinese companies can see to the name of a city. Google will provide the URL of a web page or the name of an app that an American is using, it says, but only in real time.

To ensure compliance, Walsh says, Google employs an independent company to “regularly” audit its authorized RTB buyers. Google declined to reveal more about the audits, but its public documentation suggests they are conducted at Google’s expense, “no more than once during each 12 month period.”

Zach Edwards, a longtime advertising-industry researcher and senior threat researcher at cybersecurity firm Silent Push, says Google’s efforts to limit the flow of data to China may ultimately have little effect. When a company wins a bid and its ad is served on a web page, he says, it becomes possible to acquire much of the same data that Google preemptively redacts, including a user's full IP address and detailed information about the device they are using. Chinese hackers have reportedly used this technique in the past to execute malicious code on millions of users’ devices—a threat known as “malvertising.”

“Redacting the bid request is totally moot,” Edward says. “If you take tens of millions of dollars from Chinese advertisers and don’t blink at them buying every impression, they outbid everyone and are able to get on the page.” According to recent reports, Chinese companies are spending “huge sums” on ads targeting US consumers, netting major profits for Meta, X, YouTube, and similar Silicon Valley firms that dominate the digital advertising market. In a February 2024 earnings call, Meta said that “China-based advertisers represented 10 percent of our overall revenue” for 2023, which totaled $133 billion.

“Even if Google were to change its practices and only initially broadcast RTB data to entities in the United States,” EPIC’s complaint says, the data would “inevitably” fall into foreign actors’ hands. “Google has no way to control what happens to the data that it broadcasts so freely,” it alleges. This was also the contention of the organization that develops technical standards for the advertising industry. Known as the Interactive Advertising Bureau (IAB), the organization acknowledged in 2018 that there is “no technical way to limit the way data is used after the data is received by a vendor.”

Foreign actors and private surveillance firms have been caught routinely exploiting RTB systems by creating shell advertising companies in order to access bid-stream data: information on users broadcast between the demand and supply sides of an RTB auction. In 2022, Adalytics, a digital ad analysis firm, published a report alleging that Google was sharing RTB data with RuTarget, an ad-tech firm owned by Russia’s largest state bank; activity that Google says it ceased in response. In 2023, Bloomberg reported that, by operating its own demand-side platform, an Israeli surveillance company called Rayzone had gained direct access to Google’s RTB data.

Last year, 404 Media reported on another Israeli tool called Patternz that was for leveraging access to Google’s system in the same manner.

Senator Ron Wyden of Oregon, who has authored legislation that would ban federal agencies from buying data that normally requires a warrant, says the fact that Google’s platform provides overseas companies access to any personal data on military and intelligence personnel is an “outrageous practice.” “Federal regulators should throw the book at Google,” he believes, “and cut off the company from federal contracts until it stops exposing our troops to harm.”

Internal Google communications cited by EPIC and Enforce reveal a historical reluctance by Google to take practical steps to remedy the problem, despite company leaders internally acknowledging the risk. A 2014 exchange, first revealed during a federal antitrust case two years ago, shows one senior executive acknowledging the “difficulty in figuring out what buyers are actually doing with the data we're sending.”

The remark prompted another executive to inquire as to what the “financial impact” may be of actually addressing the problem.

In another document, from late 2021, Google’s chief marketing officer, Lorraine Twohill, advises CEO Sundar Pichai to move the company away from real-time bidding, telling him: “Users point to our ads as THE reason why they can't trust Google and why they think we sell their personal information to 3rd parties.”

Twohill’s letter—sent on International Data Privacy Day—makes clear her opinion of Google’s advertising practices: “real time bidding on user data = bad,” she writes, before signing off, “Your privacy obsessed pal.”

Google Ad-Tech Users Can Target National Security ‘Decision Makers’ and People With Chronic Diseases

A malware campaign distributing the XLoader malware has been observed using the DLL side-loading technique by making use of a legitimate application associated with the Eclipse Foundation.
"The legitimate application used in the attack, jarsigner, is a file created during the installation of the IDE package distributed by the Eclipse Foundation," the AhnLab SEcurity Intelligence Center (ASEC)

Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives

The continent faces "relentless" military espionage, and increased cyber sabotage at the hands of authoritarian regimes, according to a high-ranking intelligence director.

Source: Christophe Coat via Alamy Stock Photo

Australian intelligence is projecting that foreign nations will increasingly attempt to sabotage its country's critical infrastructure.

On Feb. 19, Mike Burgess, director-general of security in charge of the Australian Security Intelligence Organisation (ASIO), delivered an annual threat assessment encompassing the many national security threats facing Australia. Among the most important, he noted, are the ways in which foreign threat actors are weaponizing artificial intelligence (AI)-enabled disinformation and deepfakes, military espionage, and attacks against critical infrastructure that could cause damage to the military, government, and social cohesion.

"ASIO's report reflects an increasingly combative international relations environment, increasing competition between great powers, and Australia's position in all of this — one which is both strategically critical and geographically fragile," Bugcrowd founder Casey Ellis says. "Critical infrastructure is the primary target \[of nation-states\] in the cyber domain. Eleven percent of cybersecurity incidents in the past year in Australia have focused on critical infrastructure, with mounting evidence of adversaries positioning themselves for opportunistic strikes in a way that mirrors tactics observed targeting the US."

**Threats to Australia's Military and Civilians**

Burgess has now made six threat assessments since taking office in 2019, but none quite like his latest. "I think it's fair to say it's the most significant, serious, and sober address so far," he said on Wednesday.

Of the cyber threats to the country, Burgess highlighted a few primary areas of concern.

First, the power that AI gives to malicious governments and criminal threat actors. "Artificial intelligence will enable disinformation and deepfakes that can promote false narratives, undermine factual information, and erode trust in institutions," he explained. "Espionage and foreign interference will be enabled by advances in technology, particularly artificial intelligence and deeper online pools of personal data vulnerable to collection, exploitation, and analysis by foreign intelligence services."

AI has been a source of increasing concern around data collection for years. Major Silicon Valley companies have had no reticence in training their models on unauthorized data around the Web, a practice made even more worrying now that the latest chatbot comes from an authoritarian state.

Burgess also spoke of "greater threats" against Australia's military. "Defence personnel are being targeted in person and online. Some were recently given gifts by international counterparts. The presents contained concealed surveillance devices," he said. He went on to describe the trilateral security partnership between Australia, the UK, and the US (AUKUS) as "a priority target for intelligence collection, including by countries we consider friendly. ASIO has identified foreign services seeking to target AUKUS to position themselves to collect on the capabilities, how Australia intends to use them, and to undermine the confidence of our allies."

**Foreign Nations Eye AUS Critical Infrastructure**

ASIO also assessed that "authoritarian regimes are growing more willing to disrupt or destroy critical infrastructure to impede decision-making, damage war-fighting capabilities, and sow social discord."

Burgess pointed to Russia's war in Ukraine as an obvious case study in how governments can sabotage critical infrastructure to cause both physical and cyber consequences. And it's not like the threat to Australia's infrastructure is merely theoretical, either.

"Cyber units from at least one nation state routinely try to explore and exploit Australia’s critical infrastructure networks, almost certainly mapping systems so they can lay down malware or maintain access in the future," Burgess said. "We recently discovered one of those units targeting critical networks in the US. ASIO worked closely with our American counterpart to evict the hackers and shut down their global accesses, including nodes here in Australia."

Even in times without war, he warned, "foreign regimes are expected to become more determined to, and more capable of, pre-positioning cyber access vectors they can exploit in the future."

**About the Author**

Nate Nelson is a writer based in New York City. He formerly worked as a reporter at Threatpost, and wrote "Malicious Life," an award-winning Top 20 tech podcast on Apple and Spotify. Outside of Dark Reading, he also co-hosts "The Industrial Security Podcast."

Australian Critical Infrastructure Faces 'Acute' Foreign Threats

DOGE technologists Edward Coristine—the 19-year-old known online as “Big Balls”—and Kyle Schutt are now listed as staff at the Cybersecurity and Infrastructure Security Agency.

Edward Coristine, a 19-year-old engineer with Elon Musk’s so-called Department of Government Efficiency (DOGE) known as “Big Balls,” is now on staff at the Cybersecurity and Infrastructure Security Agency (CISA), WIRED has confirmed. He is joined by another member of the DOGE team, 38-year-old software engineer Kyle Schutt, who is now also on the CISA staff, according to a government source.

CISA referred WIRED to the Department of Homeland Security (DHS), of which it’s a component agency, when reached for comment. DHS did not immediately reply to a request for comment.

Coristine—briefly an intern for Musk’s brain-computer interface company, Neuralink, as WIRED has reported—has been working his way through numerous federal agencies and departments as a DOGE operative since January. He has been tracked at the General Services Administration (GSA), the Office of Personnel Management, the State Department, and FEMA. At State’s Bureau of Diplomatic Technology, he potentially had access to systems containing sensitive information about diplomats and many sources and spies around the world who provide the U.S. government with intelligence and expertise.

As the journalist Marisa Kabas was first to report, he has now moved to CISA, a division of DHS. He is listed in the staff directory as a senior advisor.

A second DOGE worker, Schutt, has also joined Coristine at CISA. Schutt has reportedly also been at the GSA. Prior to his work with DOGE, he worked on the launch of WinRed, a fundraising platform for Republicans that helped the party raise $1.8 billion during the 2024 election campaigns.

It’s not clear yet what level of access Coristine might have to data and networks at CISA, but the agency, which is responsible for the defense of civilian federal government networks and works closely with critical infrastructure owners around the country, stores a lot of sensitive and critical security information on its networks. This includes information about software vulnerabilities, breaches, and network risk assessments conducted for local and state election offices. Since 2018, CISA has helped state and local election offices around the country assess vulnerabilities in their networks and help secure them. CISA also works with the Federal Bureau of Investigation and the National Security Agency to notify victims of breaches and process information about software vulnerabilities before the information becomes public.

Coristine, as WIRED has previously reported, worked briefly in 2022 for Path Network, a network monitoring firm known for hiring reformed blackhat hackers. According to security journalist Brian Krebs, an account once associated with him was also previously linked with a loosely-formed cybercriminal community known as The Com, whose members have been responsible for various hacking operations in the last few years, including the hack of numerous Snowflake accounts. Coristine has not been associated with the Snowflake breaches, but as WIRED has reported, an account that has been associated with him did appear to suggest the owner of the account was seeking help to conduct a Distributed Denial of Service attack—a criminal technique that involves launching extensive traffic at a domain to disable it and prevent legitimate traffic from reaching it. Krebs also reported that Path had fired Coristine for allegedly leaking internal company documents to a competitor.

The Washington Post reported last week that Coristine had been assigned to the DHS as a senior advisor, but didn’t indicate what part of the sprawling agency he had joined.

“What’s the point of fighting cybercrime if we’re just going to give access for government networks to people with cybercriminal gang affiliations?” says a cybersecurity researcher who tracks cybercriminal groups.

DOGE Now Has Access to the Top US Cybersecurity Agency

These sorts of attacks reveal growing adversary interest in secure messaging apps used by high-value targets for communication, Google says.

Source: aily\_creativity via Shutterstock

Multiple Russia-aligned threat groups are actively targeting the Signal Messenger application of individuals likely to exchange sensitive military and government communications related to the country's war with Ukraine.

For now, the activity appears limited to persons of interest to Russia's intelligence services, according to researchers at Google's Threat Intelligence Group (GTIG), who spotted it recently. But the tactics the threat actors are using in the campaign could well serve as a blueprint for other groups to follow in broader attacks on Signal, WhatsApp, Telegram, and other popular messaging apps, GTIG warned in a blog post this week.

**Likely to Become More Prevalent**

"We anticipate the tactics and methods used to target Signal will grow in prevalence in the near-term and proliferate to additional threat actors and regions outside the Ukrainian theater of war," Google threat analyst Dan Black wrote in the post.

Two of the Russian cyber-espionage groups that Google observed targeting Signal are UNC5792 — a threat actor that Ukraine's CERT tracks as UAC-0195 — and UNC4221 (aka UAC-0185). The goal of the attackers in both cases is to trick targeted victims into unknowingly linking their Signal account to an attacker-controlled device so any incoming messages are simultaneously available on the linked device.  

The attacks are taking advantage of "linked devices," a feature of the Signal app that allows users to securely connect and synchronize their account across multiple devices. However, the tactics that each threat group uses to get targets to unwittingly link their accounts have been slightly different.

UNC5782's ploy has been to send invitations asking targeted individuals to join a Signal group by sharing a malicious QR code with them. While the invitations look identical to Signal's group invite, the threat actors have modified them so that anyone social-engineered into scanning the QR code ends up linking their account to a UNC592-controlled device instead.

The other threat group, UNC4221, is using a customized phishing kit that impersonates parts of Kropyva, an application that Ukraine's military uses for artillery guidance, to try and social-engineer Signal Messenger users of interest. The threat actor has established Kropyva-themed phishing sites with the QR code directly embedded on them. It has also set up phishing sites pretending to contain legitimate Signal instructions for device linking to encourage scam victims into scanning their malicious QR code.

**Broad Threat Actor Interest**

Google identified UNC4221 and UNC5782 as two of several Russian and Belarusian groups that are targeting Signal Messenger to spy on persons of interest. Not all attacks by UNC4221 and UNC578 have involved device linking. Russia's infamous Sandworm cyber-sabotage group (which Google tracks as APT44) has been stealing Signal messages from a target's Signal database or local storage files, using a combination of malware tools. Similarly, Turla, a threat actor that the US government has tied to Russia's Federal Security Service (FSB), is doing the same using a lightweight PowerShell script that it deploys after gaining access to a target environment. Another threat actor from the region targeting Signal Messenger, according to Google, is Belarus-linked UNC1151, which uses the Robocopy Windows file-copying tool to copy and store Signal messages and attachments for future theft.

The flurry of activity targeting Signal is a sign of broader attacker interest in secure messaging apps used by those in espionage and intelligence gathering, including politicians, military personnel, activists, privacy advocates, and journalists. The apps' security features, which include end-to-end encryption of text, voice, and video with minimal data collection practices, have made it a popular tool for at-risk individuals and communities. It has also made the app "a high-value target for adversaries seeking to intercept sensitive information that could fulfill a range of different intelligence requirements," Google's Black wrote.

Signal is not the only target. Russian groups have also targeted Telegram and WhatsApp users in the same way, Black said. He pointed to a recent Microsoft report on attacks by Russian group Star Blizzard (aka Coldriver, Blue Charlie, Callisto, and UNC4057) that targeted WhatsApp accounts belonging to current and former government officials and diplomats.

Significantly, attacks targeting WhatsApp can affect businesses as well. Although WhatsApp — like Signal, Telegram and other messenger apps — is primarily consumer-focused, numerous businesses worldwide use the app. WhatsApp even has a business version that it has positioned as a tool that businesses can use to engage with customers, accelerate sales, and deliver customer support.

**About the Author**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

Russian Groups Target Signal Messenger in Spy Campaign

Is your Signal, WhatsApp, or Telegram account safe? Google warns of increasing attacks by Russian state-backed groups. Learn…

Is your Signal, WhatsApp, or Telegram account safe? Google warns of increasing attacks by Russian state-backed groups. Learn how they’re stealing messages and what you can do to defend yourself.

Russian state-backed actors are increasingly targeting secure messaging applications like Signal to intercept sensitive communications, reveals a recent report by Google’s Threat Intelligence Group. These groups, often aligned with Russian intelligence services, are focusing on compromising accounts used by individuals of interest, including military personnel, politicians, journalists, and activists. While the initial focus appears to be related to the conflict in Ukraine, researchers believe that these tactics will spread to other regions and threat actors.  

A primary method employed by these actors in this campaign involves exploiting the “linked devices” feature of Signal. By using phishing techniques, they trick users into scanning malicious QR codes, which then secretly link the victim’s account to a device controlled by the attacker. This allows the attacker to receive all messages in real-time, effectively eavesdropping on conversations without needing to compromise the entire device.

These malicious QR codes are often disguised as legitimate Signal resources, such as group invites, security alerts, or even device pairing instructions. In some cases, they are incorporated into phishing pages designed to mimic specialized applications, such as those used by the Ukrainian military.

The screenshot shows a Signal app phishing site and one of the malicious QR codes used in the attack (via Google).

In some cases, malicious QR codes are used in close-access scenarios, such as when Russian military forces capture devices on the battlefield.  This method lacks centralized monitoring and can go unnoticed for extended periods, which makes it hard to detect.

One group, identified as UNC5792 (also known as UAC-0195), has been observed modifying legitimate Signal group invite links. These altered links redirect victims to fake pages that initiate the unauthorized linking of their devices to the attacker’s control. The phishing pages are designed to closely resemble official Signal invites, making detection challenging. 

Another group, UNC4221 (UAC-0185), has targeted Ukrainian military personnel by embedding malicious QR codes within phishing sites that mimic artillery guidance applications. They have also used fake Signal security alerts to deceive victims. 

Beyond phishing, APT44 (Sandworm) utilizes malware and scripts to extract Signal messages from compromised Windows and Android devices. Their WAVESIGN script retrieves recent messages, while Infamous Chisel malware searches for Signal database files on Android devices.  

Other groups, like Turla and UNC1151, target the desktop application, using scripts and tools to copy and exfiltrate stored messages. UNC4221 has also used a JavaScript payload called PINPOINT to gather user information and geolocation data.

The popularity of secure messaging apps makes them prime targets for adversaries and other platforms, such as WhatsApp and Telegram, are also facing similar threats.

“The operational emphasis on Signal from multiple threat actors in recent months serves as an important warning for the growing threat to secure messaging applications that is certain to intensify in the near-term,” researchers warned.

Therefore, users are advised to stay cautious. It is important to use strong screen locks with complex passwords, keep operating systems and apps updated, and ensure Google Play Protect is enabled. Regularly auditing linked devices, exercising caution with QR codes and links, and enabling two-factor authentication are also recommended. iPhone users at high risk should consider enabling Lockdown Mode.

Hackers Tricking Users Into Linking Devices to Steal Signal Messages

The authentication bypass vulnerability in the OS for the company's firewall devices is under increasing attack and being chained with other bugs, making it imperative for organizations to mitigate the issue ASAP.

Source: Chiew via Shutterstock

Attackers are actively exploiting an authentication bypass flaw found in the Palo Alto Networks PAN-OS software that lets an unauthenticated attacker bypass authentication of that interface and invoke certain PHP scripts.

Both the Cybersecurity Infrastructure and Security Agency (CISA) and security researchers are warning of increasing attacker activity to exploit the flaw, tracked as CVE-2025-0108 and first revealed in a blog post on Feb. 12 as a zero-day flaw by researchers at Searchlight Cyber AssetNote. PAN-OS is the operating system for Palo Alto's firewall devices; the flaw affects certain versions of PAN-OS v11.2, v11.1 , v10.2, and v10.1 and has been patched for all affected versions.

Patch info is available in Palo Alto's security advisory on CVE-2025-0108, which is rated as 8.8 and therefore of high severity on the CVSS. The company warned that while the PHP scripts that can be invoked do not themselves enable remote code execution, exploiting the flaw "can negatively impact integrity and confidentiality of PAN-OS," potentially giving attackers access to vulnerable systems, where other bugs could be used to achieve further aims.

Indeed, researchers observed attackers making exploit attempts by chaining CVE-2025-0108 with two other PAN-OS Web management interface flaws — CVE-2024-9474, a privilege escalation flaw, and CVE-2025-0111, an authenticated file read vulnerability — on unpatched and unsecured PAN-OS instances.

**Active Exploitation of Palo Alto Firewalls**

Threat actors apparently got the memo on the potential for exploit, as attacks on affected devices are on the rise. As of Feb. 18, 25 malicious IPs are actively exploiting CVE-2025-0108, up from merely two the day after its discovery was made public, according to researchers at GreyNoise. The top three countries for these attacks are the US, Germany, and the Netherlands, according to a blog post on the exploitation.

"Organizations relying on PAN-OS firewalls should assume that unpatched devices are being targeted and take immediate steps to secure them," Noah Stone, head of content at GreyNoise Intelligence, wrote in the post.

The increased activity to exploit the flaw compelled the CISA to add it to the Known Exploited Vulnerabilities Catalog this week and urge those affected to apply Palo Alto's patches for affected device versions.

**Why CVE-2025-0108 in PAN-OS Exists**

The flaw exists because of a common architecture present in PAN-OS, "where authentication is enforced at a proxy layer, but then the request is passed through a second layer with different behavior," security researcher Adam Kues wrote in Searchlight Cyber Assenote's post.

"Fundamentally, these architectures lead to header smuggling and path confusion, which can result in many impactful bugs," he explained.

Specifically, a Web request to the PAN-OS management interface is handled by three separate components: Nginx, Apache, and the PHP application itself. The researchers found that when the authentication by the requester is set at the Nginx level and based on HTTP headers, the request is then reprocessed again in Apache, which may process the path or headers differently to Nginx before finally handing off the request to PHP.

"If there is a difference between what Nginx thinks our request looks like and what Apache thinks our request looks like, we could achieve an authentication bypass," Kues explained.

The risk of exploitation is greatest if a network configuration enables access to the management interface from the Internet (or any untrusted network) either directly or through a dataplane interface that includes a management interface profile, Palo Alto noted in its advisory.

**Eliminate Risk by Patching Auth Bypass Now**

Palo Alto's network devices are widely used and flaws within them are often quickly set upon by attackers, making it imperative that mitigation for CVE-2025-0108 happens sooner rather than later. The best way to eliminate the risk of exploitation completely is to apply Palo Alto's updates to affected devices, according to the CISA and researchers.

Affected organizations also can reduce this risk if network administrators ensure that only trusted internal IP addresses can access the management interface, according to Palo Alto. Defenders can discover any assets that require remediation action by visiting the Assets section of the Customer Support Portal, the company said.

Palo Alto also recommends that organizations whitelist IPs in the management interface to prevent this or similar vulnerabilities from being exploited over the Internet.

**About the Author**

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

Patch Now: CISA Warns of Palo Alto Flaw Exploited in the Wild

Google warns that hackers tied to Russia are tricking Ukrainian soldiers with fake QR codes for Signal group invites that let spies steal their messages. Signal has pushed out new safeguards.

For more than a decade now, Russian cyberwarfare has used Ukraine as a test lab for its latest hacking techniques, methods that often target Ukrainians first before they're deployed more broadly. Now Google is warning of a Russian espionage trick that's been used to obtain Ukrainians' messages on the encrypted platform Signal—and one that both Ukrainians and other Signal users worldwide should protect themselves against with a new update to the app.

Google's threat intelligence team on Wednesday released a report revealing how multiple hacker groups that serve Russian state interests are targeting Signal, the end-to-end encrypted messaging tool that has become widely accepted as a standard for private communications and is now often used by Ukrainians, including in the Ukrainian military's battlefield communications. Those Russia-linked groups, which Google has given the working names UNC5792 and UNC4221, are taking advantage of a Signal feature that allows users to join a Signal group by scanning a QR code from their phone. By sending phishing messages to victims, often over Signal itself, both hacker groups have spoofed those group invites in the form of QR codes that instead hide javascript commands that link the victim's phone to a new device—in this case, one in the hands of an eavesdropper who can then read every message the target sends or receives.

“It looks exactly like a group invite, and everything would function exactly like that, except when you scan it, it links the device out,” says Dan Black, a Google cyberespionage researcher and former NATO analyst. “It instantly pairs your device with theirs. And all your messages are now, in real time, being delivered over to the threat actor while you're receiving them.”

Two months ago, Google began warning the Signal Foundation that maintains the private communications platform about Russia's use of the QR code phishing technique, and Signal last week finished rolling out an update for iOS and Android designed to counter the trick. The new safeguard warns users when they link a new device and checks with them again at a randomized interval a few hours after that device is added to confirm that they still want to share all messages with it. Signal now also requires a form of authentication such as entering a passcode or using FaceID or TouchID on iOS to add a new linked device.

In fact, Signal had already been working to update those forms of phishing protections aimed specifically at exploitation of its linked device feature prior to Google's warning, says Signal's senior technologist, Josh Lund. But Google's report about Russia's spying in Ukraine provided an “acute” example of the problem that pushed them to move quickly to protect users, he says.

“We're really grateful to the Google team for their help in making Signal more resilient to this type of social engineering,” says Lund, using the cybersecurity term for tricks that deceive victims into giving hackers sensitive information or access to their systems.

Both Google and Signal emphasized that the phishing technique Google has seen in use in Ukraine doesn't suggest that Signal's encryption is broken or that the app's messages can otherwise be eavesdropped in transit. Instead, the trick essentially combines two legitimate features—QR-code group invites and QR-code device linking that pairs a smartphone with a laptop—invisibly swapping one with the other to deceive users. “Phishing is a big problem on the internet, and it's never nice to hear that someone has fallen victim to one of these attacks,” Lund says. “But we're trying to do our best to keep users safe, and we think these recent improvements will really help.”

Google notes that it's seen Russia use similar techniques to target other communications platforms like WhatsApp and Telegram, too. But the hackers tied to Russia's military have focused on Signal because of its widespread tactical use in the Ukrainian military. One of the two hacker groups that has exploited the QR code phishing technique, for instance, has disguised the codes as invites to groups associated with an artillery guidance app used by the Ukrainian military called Kropyva. In other instances, the spoofed QR codes have impersonated invites to other groups from a trusted contact, or security alerts from Signal itself.

Russia's hackers have targeted Signal as part of the country's war efforts in Ukraine since as early as 2023, a year into its full-scale invasion, says Google's Black. That's when the Russian hacker group known as Sandworm, a notorious unit of Russia's GRU military intelligence agency, began pivoting from disruptive cyberattacks to tactical espionage that included penetrating tablet computers used by the Ukrainian military. In some cases, Sandworm's hackers have also aided front-line Russian troops in off-loading Signal messages from captured devices, including by using the linked-device feature to pair compromised phones with their own PCs. Google says that Turla, a hacker group linked to Russia's FSB security agency, has also targeted Signal messages on PCs that it's infected with malware.

Google's Black says that the company's analysts nonetheless waited to highlight Russia's use of the QR-code phishing technique to target Signal until the Signal Foundation could push out new protections, in part to prevent other hackers from copying the technique. Black warns, in fact, that Russia's targeting of Signal in Ukraine shouldn't be seen as a problem limited to Ukraine nor to military conflicts in general. The trick is just as likely to be used for targeting dissidents and activists who use Signal worldwide, or even a broader set of targets. In December, for instance, US officials recommended Americans use end-to-end encrypted apps in response to the Chinese hacker group Salt Typhoon's widespread penetrations of US telecom networks.

“The use case for these techniques is just so wide," says Black. “We've seen history tell us a very particular story in terms of tradecraft, that the things that happen in Ukraine don't seem to stay confined there.”

A Signal Update Fends Off a Phishing Technique Used in Russian Espionage

The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.

North Korea-linked threat groups are increasingly using living-off-the-land (LotL) techniques and trusted services to evade detection, with a recent Kimsuky campaign showcasing the use of PowerShell scripts and storing data in Dropbox folders, along with improved operational security.

In the campaign, dubbed "DEEP#DRIVE" by security firm Securonix, the threat group used fake work logs, insurance documents, and crypto-related files to convince users to download and run a zipped shortcut file that gathers system configuration information and then executes PowerShell and .NET scripts. The attack tools upload the system data to Dropbox folders and then download additional commands and capabilities for further compromise.

While the attackers showed some interest in quick financial wins — such as targeting cryptocurrency users — for the most part, the threat group focused on stealing sensitive data from South Korean government agencies and businesses, says Tim Peck, a senior threat researcher at Securonix.

"We observed evidence of both espionage and financial motivation, though leaning more toward espionage," he says. "This aligns with Kimsuky's historical targeting of South Korean government agencies, enterprises, and strategic industries."

North Korean cyber-operations groups have consistently targeted South Korea and the US, with South Korean government agencies and companies among the most popular targets. In September 2024, the FBI warned that North Korean groups planned to launch a surge of attacks against organizations with significant cryptocurrency reserves, and Kimsuky launched a similar multistage attack against South Korean targets last year.

**A Prolific Group**

Kimsuky isn't monolithic, but has five threat groups that have overlap with what other companies consider to be the same group, says threat intelligence firm Recorded Future. One group tends to focus on the healthcare and hospitality sectors, for example, while another focuses on cryptocurrency markets.

By mid-2023, Kimsuky became the most prolific North Korean group. (More recent data not available.) Source: Recorded Future's "North Korea's Cyber Strategy" report

The Kimsuky groups accounted for the most attacks identified as North Korean in origin between 2021 and 2023, according to Recorded Future's "North Korea Cyber Strategy" report. In 2024, the groups continued to account for a high volume of attacks, says Mitch Haszard, senior threat intelligence analyst with Recorded Future.

"These groups conduct high volume phishing campaigns, primarily targeting individuals and organizations in South Korea, while occasionally targeting entities in other countries," he says. "In the activity we see, these groups appear to be going for volume, rather than more time-consuming, tailored spear-phishing operations."

Other well known North Korean groups, such as Lazarus and Andariel, are not as prolific as the Kimsuky threat actors. While some of those groups are more focused on gathering sensitive information, nearly all also have a financial motivation.

**Thousands of Victims?**

In the DEEP#DRIVE campaign, following the compromise of a system, the Kimsuky group's attack scripts upload data on the system configuration to one of several Dropbox folders. While the Securonix researchers were not able to gather intelligence from all the suspected Dropbox locations, they uncovered signs of more than 8,000 configuration files, although some appear to be duplicates, Peck says.

While that means they likely came from the same victim organizations, the campaign appears to be quite successful, he says.

"There were two factors which contributed to the 'uniqueness' of the configuration file, the username, and IP address," Peck says. "Some usernames were associated with dozens of similar IP addresses, which could indicate lateral movement by the attacker — \[that is\], infecting dozens of machines from the same entity."

The data from a compromised system includes the host IP address, the system uptime, details about the OS type and version, any installed security software, and a list of running processes.

**Kimsuky Improves Its OpSec**

The campaign also highlighted North Korean cyber-operations groups' improvements to operational security. The group used OAuth-based authentication on its Dropbox folders, preventing traditional URL-blocking or network-based defenses from following the links. The threat actors also quickly took down components of their infrastructure soon after the Securonix researchers began investigating, Securonix's Peck says.

"This level of operational awareness is not always present in phishing-driven malware campaigns," he says.

For companies, the threat group's tactics underscore that the hidden file extensions should be disabled, shortcut files should be blocked from executing in user folders, and only signed PowerShell scripts be allowed to execute. Those three countermeasures make the attackers' activity much easier to detect, Peck says.

In addition, companies in targeted industries — such as cryptocurrency exchanges and government agencies — should bolster their email security and regularly train employees on how to spot phishing threats, says Recorded Future's Haszard.

"Most North Korean cyberattacks still start with social engineering and a phish," he says. "Companies should ensure that they have an email security solution in place and regularly train employees on phishing threats, as well as conduct simulated phishing tests."

**About the Author**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Tag

#intel